Access problems with Nextcloud linux client

Hi,

I’m using the official Nextcloud docker image (15-fpm-alpine) with nginx SSL proxy. I started using the docker-compose example which I found here:

The Nextcloud docker instance is configured for https requests on port 8443 (there’s another web server running on this machine). The nginx https proxy passes the requests via http to the nginx web server instance which serves the Nextcloud pages.

I can login using the web interface and I can sync my files with WebDAV.
However, I’m still having troubles to connect the official Linux client (latest beta client from Ubuntu PPA; I also tried the AppImage but with no difference) with my Nextcloud instance.

What I can see in the log window is that the client complains that the login form is provided over http while the page itself is served via https (at least that’s my assumption of what’s going wrong here):

[OCC::CheckServerJob::finished 	status.php returns:  QJsonDocument({"edition":"","installed":true,"maintenance":false,"needsDbUpgrade":false,"productname":"Nextcloud","version":"15.0.2.0","versionstring":"15.0.2"})   QNetworkReply::NetworkError(NoError)  Reply:  QNetworkReplyHttpImpl(0x556a6f8bb230)
[OCC::DetermineAuthTypeJob::start 	Determining auth type for QUrl("https://myserver.mydomain.lan:8443/remote.php/webdav/")
[OCC::AccessManager::createRequest 	2 "" "https://myserver.mydomain.lan:8443/remote.php/webdav/" has X-Request-ID "22afa9a3-7964-4fd0-aa4e-b06a9f5b9a98"
[OCC::AbstractNetworkJob::start 	OCC::SimpleNetworkJob created for "https://myserver.mydomain.lan" + "" "OCC::Account"
[OCC::AccessManager::createRequest 	6 "PROPFIND" "https://myserver.mydomain.lan:8443/remote.php/webdav/" has X-Request-ID "e879ab82-572a-41ba-adba-6869075b2339"
[OCC::AbstractNetworkJob::start 	OCC::SimpleNetworkJob created for "https://myserver.mydomain.lan" + "" "OCC::Account"
[OCC::DetermineAuthTypeJob::checkBothDone 	Auth type for QUrl("https://myserver.mydomain.lan:8443/remote.php/webdav/") is 3
[OCC::WebViewPage::initializePage 	Url to auth at:  "https://myserver.mydomain.lan:8443/index.php/login/flow"
[unknown 	Mixed Content: The page at 'https://myserver.mydomain.lan:8443/index.php/login/flow' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://myserver.mydomain.lan:8443/login/flow/apptoken'. This endpoint should be made available over a secure connection.
[unknown 	Mixed Content: The page at 'https://myserver.mydomain.lan:8443/login/flow/grant?clientIdentifier=&stateToken=EFK3AdrBBsyZZvjOK8x8aODsyZoKYtRWg1JqbdJG2fqFPLm97Y60KLSapwbqtrip' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://myserver.mydomain.lan:8443/login/flow'. This endpoint should be made available over a secure connection.
[unknown 	Mixed Content: The page at 'https://myserver.mydomain.lan:8443/login/flow/grant?clientIdentifier=&stateToken=EFK3AdrBBsyZZvjOK8x8aODsyZoKYtRWg1JqbdJG2fqFPLm97Y60KLSapwbqtrip' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://myserver.mydomain.lan:8443/login/flow'. This endpoint should be made available over a secure connection.
[unknown 	Mixed Content: The page at 'https://myserver.mydomain.lan:8443/login/flow' was loaded over a secure connection, but contains a form which targets an insecure endpoint 'http://myserver.mydomain.lan:8443/login/flow/apptoken'. This endpoint should be made available over a secure connection.

So my interpretation is that the problem seems to be caused by the Nextcloud App which runs on http and the nginx SSL proxy which translates all requests for the Nextcloud App. Unfortunately, I was not able to find reasonable measures to track down the problem by searching the internet. So I would be very glad if someone with more experience in this field would be able to help me.

Regards,

André

Finally, I found a solution: my Nextcloud config.php was missing an important entry:
‘overwriteprotocol’ => ‘https’

This makes Nextcloud “know” that the site is always accessed via https.

1 Like

It’s great!
Thank you. I spent a week for searching solution. :slight_smile: